Linux Kernel Wilc1000 Driver Unhandled Error Path Leading to Kernel Panic Vulnerability

A vulnerability in the Linux kernel's Wilc1000 driver can cause a kernel panic. This issue arises in the probe functions of the Wilc drivers (both SDIO and SPI) due to an error path that improperly handles the unregistration of a wireless PHY (wiphy) device. The vulnerability can be triggered by misconfiguring a Wilc device through SPI, making it unresponsive to initial SPI commands. This issue is linked to a recent change that separated wiphy allocation from registration, leaving the cleanup function potentially calling unregister on a wiphy that was never registered.

Impact

Exploitation of this vulnerability leads to a kernel panic, causing a crash of the affected system.

Reproduction

The vulnerability can be reproduced by incorrectly wiring a Wilc device through SPI, which will make it unresponsive to early SPI commands. This misconfiguration can be done by not properly connecting the device, allowing the error path in the driver's probe function to execute and cause a kernel panic.

Remediation

The vulnerability has been addressed by modifying the Wilc1000 driver's error handling to prevent the unregistration of a wiphy that was never registered. Users should ensure they are using a version of the Linux kernel that includes this fix.